[Fontconfig] Re: [patch]: mmapping FontConfig data structures
Jeremy C. Reed
reed at reedmedia.net
Sat Jun 11 01:59:52 EST 2005
On Fri, 10 Jun 2005, Behdad Esfahbod wrote:
> On Fri, 10 Jun 2005, Patrick Lam wrote:
>
> > Jeremy C. Reed wrote:
> > > Please make sure this doesn't have race conditions when using /tmp or
> > > TMPDIR.
> > >
> > > Maybe use O_EXCL (with open(2)) when creating, but that may not be good
> > > enough for some network-based filesystems.
> > >
> > > And don't use 666 for creating the file. If I overlooked or misunderstood
> > > something, please let us know.
> >
> > I will use 600 rather than 666. Since this file is just hanging around
> > anyway, it seems to be insufficient to avoid race conditions. I think
> > that if I could create a checksum (e.g. CRC32) of the expected state, as
> > written, and verified the checksum before read, that ought to be
> > sufficient; what do you think?
What do you mean by "just hanging around"?
I don't know the code myself. And have not tested. Try manually making a
symlink from the name of your file to be created and have it point to
another existing file ... and see what your code does to it. (Imagine
someone malicious making a symlink pointing to your password database and
waiting for someone to run this routine as root to cause a simple denial
of service.)
> You better use O_EXCL anyway. Just in case two copies of fc-mmap
> happen to run in parallel, or something.
Jeremy C. Reed
BSD News, BSD tutorials, BSD links
http://www.bsdnewsletter.com/
More information about the Fontconfig
mailing list